Posts

Showing posts from January, 2026

Why North Korean Hackers Are Targeting Devs Through Visual Studio Code Projects

There’s a new backdoor campaign going around. It’s slick, it’s persistent, and it’s targeting developers — specifically those using Microsoft Visual Studio Code (VS Code) as part of their day-to-day workflow. This one’s coming out of North Korea. And it's not just some throwaway malware — it's part of a broader shift in how state-linked actors are slipping past traditional defences by piggybacking off developer tools and trusted platforms.

The Basics: Dev Tools as Attack Vectors

Security researchers at Jamf Threat Labs have uncovered the latest iteration of an ongoing campaign (nicknamed Contagious Interview) that’s weaponising VS Code projects. The method? Attackers instruct targets — usually software engineers — to clone a GitHub, GitLab, or Bitbucket repository and open it in VS Code. They pose as recruiters or hiring managers offering a technical assessment. Once the repo is opened, a malicious tasks.json file is silently executed in the background — taking adv...

🧠 “The 2026 Cyber Stack: What Stays, What Goes, What’s Overhyped”

We don’t need more tools. We need fewer excuses.

In 2026, the average Australian org is still juggling 40+ cyber vendors. That’s not security — that’s bloat.

I’ve worked with CISOs, IT leads and boardrooms across government, enterprise, MSPs and SMBs. The story is the same: “We’ve spent the money. Why aren’t we safer?”

Because buying tech isn’t a strategy. And most cyber stacks are built on legacy thinking — not business outcomes.

Here’s my breakdown of what stays, what goes, and what’s overhyped in the 2026 cyber landscape.

✅ What Stays: The Non-Negotiables in 2026

These are the core capabilities that actually reduce risk and support business resilience. If you’re missing any of these — fix that first.

1. Identity-Led Security (MFA, SSO, Conditional Access)

The perimeter is dead. Identity is the new firewall.

- Enforce MFA everywhere (not just “important” apps)
- Enable SSO to reduce credential reuse
- Use conditional access to stop session hijacks and geododging

🧠 If you don’t con...